Product Details

GadgetCA: A Tool for Generating ReDoS Attacks

Created: 2022

Czech title
GadgetCA - Nástroj pro generování ReDoS útoků
Type
software
License
required - free
Authors
Holík Lukáš, doc. Mgr., Ph.D. (DITS FIT BUT)
Holíková Lenka, Ing. (DITS FIT BUT)
Homoliak Ivan, Ing., Ph.D. (DITS FIT BUT)
Lengál Ondřej, Ing., Ph.D. (DITS FIT BUT)
Veanes Margus (MSR)
Vojnar Tomáš, prof. Ing., Ph.D. (DITS FIT BUT)
Keywords

regular expressions, pattern matching, security, counting-set automata, ReDoS, generator

Description

The tool allows to generate ReDoS attacks for automata-based matchers. It is the first generator capable of attacking the automata-based matchers using bounded repetition. It is based on counting-set automata (CsA) which are small and can be constructed faster than deterministic counting automata (DFA). 

Location

The tool is available at http://www.fit.vutbr.cz/research/groups/verifit/tools/gadgetca

Licence

Free software under the terms of GNU GPL (cf. http://www.gnu.org/licenses/gpl.html).

Projects
Efficient Finite Automata for Automated Reasoning (LL1908)
Reliable, Secure, and Efficient Computer Systems (FIT-S-20-6427)
Scalable Techniques for Analysis of Complex Properties of Computer Systems (GA20-07487S)
Research groups
Automated Analysis and Verification Research Group - VeriFIT (VZ VERIFIT)
IT Security Research Group (VZ Security@FIT)
Departments
Department of Intelligent Systems FIT BUT (DITS FIT BUT)
Back to top